ansible-gpg-vault/vault.sh

27 lines
488 B
Bash
Executable File

#!/bin/bash
set -e -u
# Keyserver to use. You need to trust this keyserver that the uid is not spoofed when receiving keys
KEYSERVER=""
# File which contains a list of uid's to receive and encrypt the vault for
KEY_FILE=""
ACTION="$1"
# default action is vault decrypt
if [[ -z "$ACTION" ]]; then
ACTION="decrypt"
fi
case "$ACTION" in
"decrypt")
gpg2 --batch --use-agent --decrypt $(dirname $0)/vault_passphrase.gpg 2>/dev/null
;;
"reencrypt")
;;
esac